Month: September 2024
Sep 11, 2024Ravie LakshmananMalware / Software Development Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. “The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher…
Read MoreESET researchers have mapped the recent activities of the CosmicBeetle threat actor, documenting its new ScRansom ransomware and highlighting connections to other well-established ransomware gangs. CosmicBeetle actively deploys ScRansom to SMBs in various parts of the world. While not being top notch, the threat actor is able to compromise interesting targets. CosmicBeetle replaced its previously…
Read MoreSep 11, 2024Ravie LakshmananEnterprise Security / Vulnerability Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows – CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows…
Read MoreSep 11, 2024Ravie LakshmananWindows Security / Vulnerability Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important,…
Read More5 Upcoming Ransomware Variants and Groups to Watch In 2024 Ransomware has continued to evolve with the emergence of new and sophisticated threats. While established groups like LockBit and BlackCat still dominate a significant portion of reported attacks, new players and variants are increasingly making their presence felt. This article looks into five notable ransomware…
Read MoreOracle’s Ellison Promises Big Cyber Threat Reduction With Next-Generation Network, Data Security Offerings
- by nlqip
In an Oracle CloudWorld keynote, the Oracle founder and CTO also held up the company’s new alliance with Amazon Web Services as the start of the “open multi-cloud era.” Oracle’s next-generation network security technology, which leverages AI and biometric authentication to thwart cyber threats, is now available in the Oracle Cloud, Oracle founder, chairman and…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-100 DATE(S) ISSUED: 09/10/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe is a software that is used for creating and publishing a wide variety of contents including graphics, photography, illustration, animation, multimedia, motion pictures and print. Successful exploitation…
Read More‘The strategy behind acquiring both SkyKick and Axcient was to further expand our cybersecurity and data protection portfolios,’ said Ameer Karim, executive vice president and general manager at ConnectWise. ‘As cyber threats evolve, data protection and cybersecurity must go hand-in-hand.’ In a move to bolster its cybersecurity and data protection capabilities, ConnectWise has acquired Axcient…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-099 DATE(S) ISSUED: 09/10/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Ivanti products, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software. Ivanti Cloud Service Appliance (CSA) is an Internet appliance that provides secure communication and functionality over the Internet.…
Read MoreMicrosoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months…
Read MoreRecent Posts
- Tenable Selected by Bank of Yokohama to Secure its Active Directory and Eliminate Attack Paths
- CISA warns of actively exploited Apache HugeGraph-Server bug
- Suspects behind $230 million cryptocurrency theft arrested in Miami
- Ivanti Says ‘Critical’ Cloud Gateway Vulnerability Seeing Exploitation
- Microsoft Edge will flag extensions causing performance issues